Data Security at the Office of Financial Research to Be Focus of Oversight Subcommittee Hearing

Washington, Jul 13 -

The Oversight and Investigations Subcommittee on Thursday will hold a hearing on the new Office of Financial Research (OFR) and pay particular attention to the data security risks inherent with OFR’s mission of collecting sensitive, private financial information.

The Office of Financial Research, created by the Dodd-Frank Act, has the authority -- backed up by subpoena power -- to collect any information it deems necessary from any “financial company.” The OFR is supposed to use this information to assist the Financial Stability Oversight Council -- another Dodd-Frank creation -- in identifying systemic threats to the stability of U.S. financial markets.

The unprecedented access the Office of Financial Research will have to personal and corporate financial data makes it a “target rich environment” for hackers, said Financial Services Committee Chairman Spencer Bachus.

Referring to the disclosure of information through Wikileaks, Chairman Bachus said: “If the State Department is unable to protect its own classified information, it is reasonable to ask how the Office of Financial Research can be expected to protect unclassified data.”

Chairman Bachus said concerns about data security are magnified by the lack of accountability built into the OFR. Like the Consumer Financial Protection Bureau, the OFR sets its own budget and is not subject to the Congressional appropriations process. Instead, the Office obtains its funding from the Federal Reserve for its first two years of operations. After that, it will place assessments on financial companies to fund its operations

Subcommittee Chairman Randy Neugebauer said, “The Office of Financial Research is just as powerful and intrusive as the CFPB, the other independent agency created by Dodd-Frank. It has sweeping authority -- backed up by subpoena power and limitless assessment authority -- to collect ‘all data necessary’ to carry out its duties. As a result, OFR will have unprecedented, real-time access to a wealth of personal and proprietary corporate data -- all in the name of an unattainable goal of preventing the next financial crisis. This hearing will raise important issues and provide much needed oversight of this new agency.”

The Oversight Subcommittee hearing comes on the heels of a June 29 Financial Services Committee field hearing at the National Computer Forensic Institute in Alabama. There, Committee members examined the threat hackers pose to individuals, businesses, and government agencies.

What: Oversight and Investigations Subcommittee hearing on the Office of Financial Research